The stolen patient information included first and last names as well as some birth dates, medical record numbers, addresses and medical information, officials said. It did not include Social Security numbers, credit card or insurance details. The patient information was from 2007 through 2011.

The data were on the physician’s external hard drive, officials said. Though the hard drive was encrypted, a piece of paper with the password was nearby and is also missing. The physician notified UCLA the next day and officials began identifying patients affected.

The theft is not the first breach at UCLA. Between 2005 and 2009, hospital officials were repeatedly caught and fired for reviewing, without authorization, the medical records of dozens of celebrities, including Britney Spears and Farrah Fawcett. That prompted a state law imposing escalating fines on hospitals for patient privacy lapses. State regulators later fined Ronald Reagan UCLA Medical Center in connection with privacy breaches involving the records of Michael Jackson.

In the statement, UCLA officials said they would review the hospital’s policies and make any fixes necessary. They have contracted with a data security firm to work with patients and notified the U.S. Department of Health and Human Services Office for Civil Rights, which has previously investigated privacy violations at the hospitals.

"UCLA’s concern for its patients is absolute, and we deeply regret any breach of confidentiality and the stress and concern it might cause our patients," the statement said.